Microsoft Strikes Against Zeus Botnets

Microsoft has been coordinating action against cybercrime on a global level, the company announced in a blog post.

In what the firm describes as a “complex effort” to disrupt botnets, Microsoft’s Digital Crimes Unit teamed up with the Financial Services Information Sharing and Analysis Centre, and several other organisations to take down a number of Zeus botnets worldwide.

The Zeus family of malware uses keylogging to obtain passwords and access to a person’s online accounts, with online banking being a primary target for cybercriminals.

Microsoft noted that the action, codenamed Operation b71 (snappy name), focused on botnets using Zeus, SpyEye and Ice-IX variants of the Zeus family. These are the ones which experts believe are the most harmful, having caused an estimated half a billion dollars in damages.

Microsoft stated: “Due to the unique complexity of these particular targets, unlike our prior botnet takedown operations, the goal here was not the permanent shutdown of all impacted targets. Rather, our goal was a strategic disruption of operations to mitigate the threat in order to cause long-term damage to the cybercriminal organization that relies on these botnets for illicit gain.”

The company added: “We don’t expect this action to have wiped out every Zeus botnet operating in the world. However, together, we have proactively disrupted some of the most harmful botnets, and we expect this effort will significantly impact the cybercriminal underground for quite some time. Cybercriminals are in this for the money and this action was an unprecedented strike against the illicit infrastructure on which they rely.”